Apply on Employer Site

PeopleTec, Inc. · 23 hours ago

Cyber SOC/Threat Analyst

San Miguel, CA

Full-time

Onsite

Senior Level, Lead/Staff

$108K/yr - $140K/yr

10+ years exp

PeopleTec, Inc. is an employee-owned small business providing exceptional customer support through a skilled workforce. They are seeking a Cyber SOC/Threat Analyst responsible for monitoring, analyzing, and responding to cyber threats to protect the organization's digital assets.

GovernmentGovTechInformation TechnologyMilitarySoftware Engineering

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Monitor and analyze security events and alerts generated by SIEM platforms, firewalls, IDS/IPS, and endpoint detection tools to identify potential threats and anomalous behavior

Perform basic system administration functions on the sensor capability systems and components, such as applying patches and updates if touch labor is required

Analyze data from installed OT sensors to identify patterns, trends, and assist with the reports generated regarding system performance and health

Diagnose and resolve issues related to sensor data, including malfunctioning sensors, communication problems, and data integrity problems if necessary

Analyze potential security incidents and investigate to determine the scope, impact, root cause, and recommend effective remediation strategies

Perform triage on security incidents to identify root causes and recommend appropriate mitigation measures

Conduct regular reviews of SIEM reports to identify patterns, trends, and potential vulnerabilities within the organization's infrastructure

Develop actionable recommendations based on SIEM data analysis to enhance detection capabilities, optimize alert configurations, and address identified gaps

Escalate critical incidents to senior leadership or appropriate teams and provide detailed incident summaries with proposed mitigation actions

Maintain accurate documentation of security events and incident-handling procedures

Monitor and evaluate Cyber Tasking Orders (CTOs) and other directives from NETCOM, ensuring compliance and timely implementation of mitigations

Conduct research on the latest organization’s environment threat vectors, attack methodologies, and adversarial tactics, techniques, and procedures (TTPs)

Collaborate with other cybersecurity team members and the government customer to integrate threat intelligence into incident detection and response processes

Analyze CVEs, security bulletins, threat intelligence feeds, and security advisories to assess their relevance and potential impact to the mission and the organization’s environment

Correlate threat intelligence with SIEM findings to identify and assess emerging threats

Develop and communicate proactive mitigation strategies based on threat landscape trends and adversary tactics

Generate detailed and actionable reports for leadership from SIEM platforms summarizing identified threats, incidents, and remediation steps

Provide recommendations for improving the organization’s cybersecurity posture based on incident trends and threat intelligence

Maintain clear communication with cross-functional teams to ensure alignment with security objectives and protocols

Generate detailed reports threats, false positives, and actionable insights

Provide the Government customer and leadership with concise, data-driven recommendations for enhancing the organization’s cybersecurity defenses based on SIEM trends and incident analysis

Prepare summaries and status updates of security posture improvements resulting from SIEM data analysis and implemented recommendations

Support the configuration, tuning, and optimization of security monitoring tools, including SIEM and threat detection platforms

Work with the team to improve the accuracy, reliability, and efficiency of OT sensor data collection and analysis

Conduct periodic reviews and updates of security tools to address gaps or inefficiencies

Participate in the testing and implementation of new security technologies as required

Collaborate with the team and the stakeholder community to fine-tune SIEM configurations, including custom rule creation and log source integration, to improve threat detection accuracy

Conduct periodic evaluations of SIEM and related tools, providing recommendations for feature enhancements or additional capabilities

Support the testing and deployment of security solutions to ensure seamless integration with the existing monitoring infrastructure

Proficiency in analyzing security events, logs, and alerts from various security tools (e.g., SIEM, firewalls, IDS/IPS)

Familiarity with CVEs, threat intelligence frameworks (e.g., MITRE ATT&CK), and vulnerability management practices

Knowledge of NETCOM policies, Cyber Tasking Orders (CTOs), and cybersecurity compliance requirements

Meet DoD and Army training and certification requirements for system administration (DOD 8140 IAT Level II)

Strong analytical and problem-solving skills with attention to detail

Qualification

SIEM platformsCybersecurity complianceThreat intelligenceIncident responseSecurity event analysisCISSPCompTIA Security+PythonAnalytical skillsCommunication skillsProblem-solving skills

Required